From ce6247f3f21c88d7b9197c5cfd22440e1d28e90e Mon Sep 17 00:00:00 2001
From: Weston Steimel <commits@weston.slmail.me>
Date: Tue, 21 May 2024 12:34:37 +0100
Subject: [PATCH] conversion for psf records

Signed-off-by: Weston Steimel <commits@weston.slmail.me>
---
 data/anchore/2023/CVE-2023-6597.json | 67 ++++++++++++++++++++++++++
 data/anchore/2024/CVE-2024-0450.json | 70 ++++++++++++++++++++++++++++
 data/anchore/2024/CVE-2024-4030.json | 43 +++++++++++++++++
 3 files changed, 180 insertions(+)
 create mode 100644 data/anchore/2023/CVE-2023-6597.json
 create mode 100644 data/anchore/2024/CVE-2024-0450.json
 create mode 100644 data/anchore/2024/CVE-2024-4030.json

diff --git a/data/anchore/2023/CVE-2023-6597.json b/data/anchore/2023/CVE-2023-6597.json
new file mode 100644
index 00000000..8a474832
--- /dev/null
+++ b/data/anchore/2023/CVE-2023-6597.json
@@ -0,0 +1,67 @@
+{
+  "additionalMetadata": {
+    "cna": "psf",
+    "cveId": "CVE-2023-6597",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://mail.python.org/archives/list/security-announce@python.org/thread/Q5C6ATFC67K53XFV4KE45325S7NS62LD/",
+      "https://github.com/python/cpython/commit/5585334d772b253a01a6730e8202ffb1607c3d25",
+      "https://github.com/python/cpython/issues/91133",
+      "https://github.com/python/cpython/commit/8eaeefe49d179ca4908d052745e3bb8b6f238f82",
+      "https://lists.debian.org/debian-lts-announce/2024/03/msg00025.html",
+      "https://github.com/python/cpython/commit/6ceb8aeda504b079fef7a57b8d81472f15cdd9a5",
+      "http://www.openwall.com/lists/oss-security/2024/03/20/5",
+      "https://github.com/python/cpython/commit/81c16cd94ec38d61aa478b9a452436dc3b1b524d",
+      "https://github.com/python/cpython/commit/d54e22a669ae6e987199bb5d2c69bb5a46b0083b",
+      "https://github.com/python/cpython/commit/02a9259c717738dfe6b463c44d7e17f2b6d2cb3a"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "cpes": [
+          "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"
+        ],
+        "product": "CPython",
+        "repo": "https://github.com/python/cpython",
+        "vendor": "Python Software Foundation",
+        "versions": [
+          {
+            "lessThan": "3.12.3",
+            "status": "affected",
+            "version": "3.12.0",
+            "versionType": "python"
+          },
+          {
+            "lessThan": "3.11.9",
+            "status": "affected",
+            "version": "3.11.0",
+            "versionType": "python"
+          },
+          {
+            "lessThan": "3.10.14",
+            "status": "affected",
+            "version": "3.10.0",
+            "versionType": "python"
+          },
+          {
+            "lessThan": "3.9.19",
+            "status": "affected",
+            "version": "3.9.0",
+            "versionType": "python"
+          },
+          {
+            "lessThan": "3.8.19",
+            "status": "affected",
+            "version": "0",
+            "versionType": "python"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}
\ No newline at end of file
diff --git a/data/anchore/2024/CVE-2024-0450.json b/data/anchore/2024/CVE-2024-0450.json
new file mode 100644
index 00000000..f1f9ebc5
--- /dev/null
+++ b/data/anchore/2024/CVE-2024-0450.json
@@ -0,0 +1,70 @@
+{
+  "additionalMetadata": {
+    "cna": "psf",
+    "cveId": "CVE-2024-0450",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://github.com/python/cpython/commit/a2c59992e9e8d35baba9695eb186ad6c6ff85c51",
+      "https://github.com/python/cpython/commit/fa181fcf2156f703347b03a3b1966ce47be8ab3b",
+      "https://github.com/python/cpython/commit/66363b9a7b9fe7c99eba3a185b74c5fdbf842eba",
+      "https://mail.python.org/archives/list/security-announce@python.org/thread/XELNUX2L3IOHBTFU7RQHCY6OUVEWZ2FG/",
+      "https://github.com/python/cpython/commit/d05bac0b74153beb541b88b4fca33bf053990183",
+      "https://github.com/python/cpython/commit/30fe5d853b56138dbec62432d370a1f99409fc85",
+      "https://www.bamsoftware.com/hacks/zipbomb/",
+      "https://github.com/python/cpython/commit/a956e510f6336d5ae111ba429a61c3ade30a7549",
+      "https://lists.debian.org/debian-lts-announce/2024/03/msg00024.html",
+      "http://www.openwall.com/lists/oss-security/2024/03/20/5",
+      "https://github.com/python/cpython/commit/70497218351ba44bffc8b571201ecb5652d84675",
+      "https://lists.debian.org/debian-lts-announce/2024/03/msg00025.html",
+      "https://github.com/python/cpython/issues/109858"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "cpes": [
+          "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"
+        ],
+        "product": "CPython",
+        "repo": "https://github.com/python/cpython",
+        "vendor": "Python Software Foundation",
+        "versions": [
+          {
+            "lessThan": "3.12.3",
+            "status": "affected",
+            "version": "3.12.0",
+            "versionType": "python"
+          },
+          {
+            "lessThan": "3.11.9",
+            "status": "affected",
+            "version": "3.11.0",
+            "versionType": "python"
+          },
+          {
+            "lessThan": "3.10.14",
+            "status": "affected",
+            "version": "3.10.0",
+            "versionType": "python"
+          },
+          {
+            "lessThan": "3.9.19",
+            "status": "affected",
+            "version": "3.9.0",
+            "versionType": "python"
+          },
+          {
+            "lessThan": "3.8.19",
+            "status": "affected",
+            "version": "0",
+            "versionType": "python"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}
\ No newline at end of file
diff --git a/data/anchore/2024/CVE-2024-4030.json b/data/anchore/2024/CVE-2024-4030.json
new file mode 100644
index 00000000..e914d287
--- /dev/null
+++ b/data/anchore/2024/CVE-2024-4030.json
@@ -0,0 +1,43 @@
+{
+  "additionalMetadata": {
+    "cna": "psf",
+    "cveId": "CVE-2024-4030",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://github.com/python/cpython/issues/118486",
+      "https://github.com/python/cpython/commit/81939dad77001556c527485d31a2d0f4a759033e",
+      "https://github.com/python/cpython/commit/8ed546679524140d8282175411fd141fe7df070d",
+      "https://mail.python.org/archives/list/security-announce@python.org/thread/PRGS5OR3N3PNPT4BMV2VAGN5GMUI5636/"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "cpes": [
+          "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"
+        ],
+        "product": "CPython",
+        "repo": "https://github.com/python/cpython",
+        "vendor": "Python Software Foundation",
+        "versions": [
+          {
+            "lessThan": "3.13.0b1",
+            "status": "affected",
+            "version": "3.13.0a1",
+            "versionType": "python"
+          },
+          {
+            "lessThan": "3.12.4",
+            "status": "affected",
+            "version": "0",
+            "versionType": "python"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}
\ No newline at end of file